This long-dormant thread concerns the distribution of data across national boundaries, and recently a case involving exactly these concerns came up in front of SCOTUS, exciting some comment among the lawyers. Professor Andrew Keane Woods of Lawfare has a summary post:
On Tuesday, the Supreme Court will hear oral argument in United States v. Microsoft Corp., a case that will carry broad consequences for our digital lives. The issue to be resolved is whether a warrant obtained under the Stored Communications Act (SCA) can compel a U.S. company to produce information under its control but stored outside the United States. If the Supreme Court answers that question affirmatively, some commentators warn that authoritarian governments will compel American companies with a presence in their borders to produce similar information. But if the court says no, others fear that governments will pass so-called “data localization” laws requiring companies to preserve copies of their data within the judiciary’s jurisdictional reach.
Andrew then further comments here, but to summarize his fascinating post, SCOTUS was enigmatic in its questioning and behavior, and ideological position appeared to not be significant. Andrew’s conclusion, insofar as that’s possible at this point:
One thing that was not mentioned was how the world might react to this case. For a court that often has a keen eye on whether it is in step with other courts around the world (for better or for worse), silence on this issue was notable.
Countries around the world are watching this case because it could be used as a precedent—privacy advocates have called it a dangerous precedent—for the state to exert extraterritorial control over the internet. If the U.S. can do it, the thought goes, then other states will do it. The problem with this concern is that states have long asserted, under longstanding principles of international law, the authority to regulate some international conduct because it has effects in the state, or it concerns the state’s citizens, and so on. So it is unsurprising that states are already busy regulating the internet in ways that have extraterritorial effects. The Canadian Supreme Court has attempted to compel Google to take down certain links worldwide. French authorities have attempted something similar. And just this week, a top EU regulator announced that she expected the EU’s impending privacy regime, the General Data Protection Regulation, to have extraterritorial effect. (This is particularly striking because the EU filed an amicus brief in the Microsoft case to argue, more or less, that it was hesitant about extraterritorial application of U.S. law.)
This case may affect your Internet experience in the future, especially if the State considers your activities to be criminal.